<?php

class MySQLCommand
{
	private $sql;
	private $variables = array();

	function __construct($sql)
	{
		$this->sql = $sql;
	}
	
	function setVariable($name, $value)
	{
		$this->variables[$name] = $value;
	}
	
	function generateSQL()
	{
		$sql = $this->sql;

		foreach ($this->variables as $key => $name)
		{
			if ($name == null)
				$sql = str_replace('{'.$key.'}', 'NULL', $sql);
			else
				$sql = str_replace('{'.$key.'}', $this->quoteSmart($name), $sql);
		}
		
		return $sql;
	}
	
	private function quoteSmart($value)
	{
		// Stripslashes
		if (get_magic_quotes_gpc())
			$value = stripslashes($value);

		$value = "'".mysql_real_escape_string($value)."'";

		return $value;
	}
}
?>